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1 The state of the art in locally distributed Web-server systems 
Valeria Cardellini, Emiliano Casalicchio, Michele Colajanni, Philip S. Yu 
June 2002 ACM Computing Surveys (CSUR), volume 34 issue 2 

Additional Information: Ml citation, abstract references, cjtings, index 
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The overall increase in traffic on the World Wide Web is augmenting user-perceived 
response times from popular Web sites, especially in conjunction with special events. 
System platforms that do not replicate information content cannot provide the needed 
scalability to handle large traffic volumes and to match rapid and dramatic changes in the 
number of clients. The need to improve the performance of Web-based services has 
produced a variety of novel content delivery architectures. This article w ... 

Keywords: Client/server, World Wide Web, cluster-based architectures, dispatching 
algorithms, distributed systems, load balancing, routing mechanisms 



A secure and private system for subscription-based remote services 
Pino Persiano, Ivan Visconti 

November 2003 ACM Transactions on Information and System Security (TISSEC), volume 

6 Issue 4 

Full text available: || ]pdf(241.65 KB) Additional Information: full citation, abstract , references , index terms 

In this paper we study privacy issues regarding the use of the SSL/TLS protocol and X.509 
certificates. Our main attention is placed on subscription-based remote services (e.g., 
subscription to newspapers and databases) where the service manager charges a flat fee 
for a period of time independent of the actual number of times the service is requested. We 
start by pointing out that restricting the access to such services by using X.509 certificates 
and the SSL/TLS protocol, while preserving the in ... 

Keywords: Access control, anonymity, cryptographic algorithms and protocols, privacy, 
world-wide web 
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Swaminathan Sivasubramanian, Michal Szymaniak, Guillaume Pierre, Maarten van Steen 
September 2004 ACM Computing Surveys (CSUR), Volume 36 issue 3 
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Full text available: ||] pdf(374.99 KB) Additional Information: full citation, abstract, references, indexteims 

Replication is a well-known technique to improve the accessibility of Web sites. It generally 
offers reduced client latencies and increases a site's availability. However, applying 
replication techniques is not trivial, and various Content Delivery Networks (CDNs) have 
been created to facilitate replication for digital content providers. The success of these 
CDNs has triggered further research efforts into developing advanced <i>Web replica 
hosting systems </i>. These are systems that ... 

Keywords: Web replication, content delivery networks 



Afine^rainM^ 

Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, Pierangela Samarati 
May 2002 ACM Transactions on Information and System Security (TISSEC), volume 5 

Issue 2 

i- ... + -i ui a ^n«Ai/o» Additional Information: full citation, abstract, ref^ 

Full text available: TOpdff330.60 KB) r — * 

terms 

Web-based applications greatly increase information availability and ease of access, which 
is optimal for public information. The distribution and sharing of information via the Web 
that must be accessed in a selective way, such as electronic commerce transactions, require 
the definition and enforcement of security controls, ensuring that information will be 
accessible only to authorized entities. Different approaches have been proposed that 
address the problem of protecting information in a Web ... 

Keywords: Access control, World Wide Web, XML documents, authorizations specification 
and enforcement 



5 jmprpyjng^ 

Michael M. Swift, Anne Hopkins, Peter Brundrett, Cliff Van Dyke, Praerit Garg, Shannon Chan/ 
Mario Goertzel, Gregory Jensenworth 

November 2002 ACM Transactions on Information and System Security (TISSEC), volume 

5 Issue 4 

r n4 * i ui fa ^M-yyoi/tv Additional Information: full citatiorr, abstract, references, cltinas, index 

Full text available: pan 447. /8 KB} J ' 1 ■*" J 

terms, review 

This article presents the mechanisms in Windows 2000 that enable fine-grained and 
centrally managed access control for both operating system components and applications. 
These features were added during the transition from Windows NT 4.0 to support the Active 
Directory, a new feature in Windows 2000, and to protect computers connected to the 
Internet. While the access control mechanisms in Windows NT are suitable for file systems 
and applications with simple requirements, they fall short of the ... 

Keywords: Access control lists, Microsoft Windows 2000, Windows NT, active directory 



System support for pervasive applications 

Robert Grimm, Janet Davis, Eric Lemar, Adam Macbeth, Steven Swanson, Thomas Anderson, 

Brian Bershad, Gaetano Borriello, Steven Gribble, David Wetherall 

November 2004 ACM Transactions on Computer Systems (TOCS), volume 22 issue 4 

Full text available: ^pdff1.82 MB) Additional Information: full citation, abstract, references , index terms 

Pervasive computing provides an attractive vision for the future of computing. 
Computational power will be available everywhere. Mobile and stationary devices will 
dynamically connect and coordinate to seamlessly help people in accomplishing their tasks. 
For this vision to become a reality, developers must build applications that constantly adapt 
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to a highly dynamic computing environment. To make the developers' task feasible, we 
present a system architecture for pervasive computing, called & ... 

Keywords: Asynchronous events, checkpointing, discovery, logic/operation pattern, 
migration, one.world, pervasive computing, structured I/O, tuples, ubiquitous computing 



7 Systems and^ 




imeJemM^ 

Shashi Anand B, Krithi Ramamritham 

June 2005 Proceedings of the 4th ACM international workshop on Data engineering for 
wireless and mobile access 

Full text available: , g)pdf(191.75 KB) Additional Information: full citation, abstract, references, index terms 

The increasing popularity of mobile devices and the support of web portals towards 
performing transactions from these mobile devices has enabled business on the move. . 
However, internet access from mobile devices is expensive and is subject to high rate of 
disconnections. For a user executing a transaction with a web portal from a mobile device, 
the disconnection will require him to redo all the steps in the transaction on subsequent 
reconnection. This paper proposes a recovery scheme to restore ... 

Keywords: WAP, WAP internet transaction, internet transaction, mobile internet 
transaction, mobile transaction, recovery 



8 Recoyejy..guarantees lQr.JnterDMjp^cations 

Roger Barga, David Lomet, German Shegalov, Gerhard Weikum 
August 2004 ACM Transactions on Internet Technology (TO IT), volume 4 issue 3 

Full text available: ^| pdf(997,52 KB) Additional Information: full citation, abstract, references , index terms 

Internet-based e-services require application developers to deal explicitly with failures of 
the underlying software components, for example web servers, servlets, browser sessions, 
and so forth. This complicates application programming, and may expose failures to end 
users. This paper presents a framework for an application-independent infrastructure that 
provides recovery guarantees and masks almost all system failures, thus relieving the 
application programmer from having to deal with these f ... 

Keywords: Exactly-once execution, application recovery, communication protocols, 
interaction contracts 



9 Firmato: A novel firewall management toolkit 
Yair Bartal, Alain Mayer, Kobbi Nissim, Avishai Wool 

November 2004 ACM Transactions on Computer Systems (TOCS), volume 22 issue 4 
Full text available: ^pdf(917.SQ KB) Additional Information: MLQitatjon, abstract references, indexjerms 

In recent years packet-filtering firewalls have seen some impressive technological advances 
(e.g., stateful inspection, transparency, performance, etc.) and wide-spread deployment. In 
contrast, firewall and security <i>management</i> technology is lacking. In this paper we 
present <i>Firmato</i>, a firewall management toolkit, with the following distinguishing 
properties and components: (1) an entity-relationship model containing, in a unified form, 
global knowledge of the sec ... 

Keywords: Security policy, firewall, management, model definition language, visualization 
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10 Spoken .diaJeaue^ 
Michael F. McTear 

March 2002 ACM Computing Surveys (CSUR), volume 34 issue l 

Additional Information: full citation, abstract, references, citings, index 



Full text available: W\ pdfjf987.69 KB) 

terms, review 

Spoken dialogue systems allow users to interact with computer-based applications such as 
databases and expert systems by using natural spoken language. The origins of spoken 
dialogue systems can be traced back to Artificial Intelligence research in the 1950s 
concerned with developing conversational interfaces. However, it is only within the last 
decade or so, with major advances in speech technology, that large-scale working systems 
have been developed and, in some cases, introduced into commerc ... 

Keywords: Dialogue management, human computer interaction, language generation, 
language understanding, speech recognition, speech synthesis 



11 COCA:.Asecure„dM 

Lidong Zhou, Fred B. Schneider, Robbert Van Renesse 

November 2002 ACM Transactions on Computer Systems (TOCS), volume 20 issue 4 

Additional Information: full citation, abstract, references , citings, index 



Full text available: m pdf{448.28 KB* 

terms 

COCA is a fault-tolerant and secure online certification authority that has been built and 
deployed both in a local area network and in the Internet. Extremely weak assumptions 
characterize environments in which COCA's protocols execute correctly: no assumption is 
made about execution speed and message delivery delays; channels are expected to exhibit 
only intermittent reliability; and with 3t + 1 COCA servers up to t may be faulty or 
compromised. COCA is the first system to integr ... 

Keywords: Byzantine quorum systems, Certification authority, denial of service, proactive 
secret-sharing, public key infrastructure, threshold cryptography 



12 Engineering web cache consistency 

Jian Yin, Lorenzo Alvisi, Mike Dahlin, Arun Iyengar 

August 2002 ACM Transactions on Internet Technology (TO IT), volume 2 issue 3 

Full text available: « odft403.g6 KBl Additional Information: Mixtion, abstract, references, citings, index 
l ^ J " terms 

Server-driven consistency protocols can reduce read latency and improve data freshness for 
a given network and server overhead, compared to the traditional consistency protocols 
that rely on client polling. Server-driven consistency protocols appear particularly attractive 
for large-scale dynamic Web workloads because dynamically generated data can change 
rapidly and unpredictably. However, there have been few reports on engineering server- 
driven consistency for such workloads. This article repo ... 

Keywords: Cache coherence, cache consistency, dynamic content, lease, scalability, 
volume 



13 Virtual machines: Scale and performance in the Denali isolation kernel 
Andrew Whitaker, Marianne Shaw, Steven D. Gribble 

December 2002 ACM SIGOPS Operating Systems Review, Volume 36 issue si 

Full text available: ^p„dfQ : 9J„MBl Additional Information: MLcMtjon, abstract rejerences, citings 

This paper describes the Denali isolation kernel, an operating system architecture that 
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safely multiplexes a large number of untrusted Internet services on shared hardware. 
Denali's goal is to allow new Internet services to be "pushed" into third party infrastructure, 
relieving Internet service authors from the burden of acquiring and maintaining physical 
infrastructure. Our isolation kernel exposes a virtual machine abstraction, but unlike 
conventional virtual machine monitors, Denali does not ... 

14 BjueBoX;. A.policy-drjven,„h 
Suresh N. Chari, Pau-Chen Cheng 

May 2003 ACM Transactions on Information and System Security (TISSEC), volume 6 

Issue 2 

Full text available: ^pdf(385,M.K.B} Additional Information: Ml citation, abstract, references, in.dex.tejms 

Detecting attacks against systems has, in practice, largely been delegated to sensors, such 
as network intrustion detection systems. However, due to the inherent limitations of these 
systems and the increasing use of encryption in communication, intrusion detection and 
prevention have once again moved back to the host systems themselves. In this paper, we 
describe our experiences with building BlueBox, a host-based intrusion detection system. 
Our approach, based on the technique of system call i ... 

Keywords: Intrusion detection, policy, sandboxing, system call introspection 

15 Fast and flexible application-level networking on exokernei systems 
Gregory R. Ganger, Dawson R. Engler, M. Frans Kaashoek, Hector M. Briceno, Russell Hunt, 
Thomas Pinckney 

February 2002 ACM Transactions on Computer Systems (TOCS), volume 20 issue l 

Full text available: « Ddfi500.67 KB^ Additional Information: full citation , ahstecL, references , citings, Me* 

* terms. 

Application-level networking is a promising software organization for improving 
performance and functionality for important network services. The Xok/ExOS exokernei 
system includes application-level support for standard network services, while at the same 
time allowing application writers to specialize networking services. This paper describes how 
Xok/ExOS's kernel mechanisms and library operating system organization achieve this 
flexibility, and retrospectively shares our experiences an ... 

Keywords: Extensible systems, OS structure, fast servers, network services 

16 Process migration 
September 2000 ACM Computing Surveys (CSUR), Volume 32 issue 3 

Full text available- ff) pdgl 24 MB> Additional Information: full citation, abstract, references , citings, index 
* ^ *' '" v terms, reyjew 

Process migration is the act of transferring a process between two machines. It enables 
dynamic load distribution, fault resilience, eased system administration, and data access 
locality. Despite these goals and ongoing research efforts, migration has not achieved 
widespread use. With the increasing deployment of distributed systems in general, and 
distributed operating systems in particular, process migration is again receiving more 
attention in both research and product development. As hi ... 

Keywords: distributed operating systems, distributed systems, load distribution, process 
migration 

17 An architecture for a secure service discovery service 
Steven E. Czerwinski, Ben Y. Zhao, Todd D. Hodes, Anthony D. Joseph, Randy H. Katz 
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August 1999 Proceedings of the 5th annual ACM/IEEE international conference on 
Mobile computing and networking 

Full text available: f ppdfH.47 MI3) Additional Information: full citation, references, citings, index terms 



18 Exiractin^^ 

David M. Hilbert, David F. Redmiles 

December 2000 ACM Computing Surveys (CSUR), volume 32 issue 4 



Modern window-based user interface systems generate user interface events as natural 
products of their normal operation. Because such events can be automatically captured and 
because they indicate user behavior with respect to an application's user interface, they 
have long been regarded as a potentially fruitful source of information regarding application 
usage and usability. However, because user interface events are typically voluminos and 
rich in detail, automated support is generally ... 

Keywords: human-computer interaction, sequential data analysis, usability testing, user 
interface event monitoring 



19 Fast detection of communication patterns in distributed executions H 
Thomas Kunz, Michiel F. H. Seuren 

November 1997 Proceedings of the 1997 conference of the Centre for Advanced Studies 
on Collaborative research 

Full text available: *^pdf{4.21 MB) Additional Information: MLcjtation, abstract, references, inde^te/ms 




Understanding distributed applications is a tedious and difficult task. Visualizations based on 
process-time diagrams are often used to obtain a better understanding of the execution of 
the application. The visualization tool we use is Poet, an event tracer developed at the 
University of Waterloo. However, these diagrams are often very complex and do not provide 
the user with the desired overview of the application. In our experience, such tools display 
repeated occurrences of non-trivial commun ... 

Practical byzantine fault tolerance and proactive recovery 
Miguel Castro, Barbara Liskov 

November 2002 ACM Transactions on Computer Systems (TOCS), Volume 20 Issue 4 



Our growing reliance on online services accessible on the Internet demands highly available 
systems that provide correct service without interruptions. Software bugs, operator 
mistakes, and malicious attacks are a major cause of service interruptions and they can 
cause arbitrary behavior, that is, Byzantine faults. This article describes a new replication 
algorithm, BFT, that can be used to build highly available systems that tolerate Byzantine 
faults. BFT can be used in practice to implement re ... 

Keywords: Byzantine fault tolerance, asynchronous systems, proactive recovery, state 
machine replication, state transfer 
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